Skip to content
This repository has been archived by the owner on Feb 1, 2024. It is now read-only.

Commit

Permalink
Merge branch 'AL-sandpit' into starter
Browse files Browse the repository at this point in the history
  • Loading branch information
Arnaud Lheureux committed Feb 1, 2021
2 parents 2407536 + 110ac08 commit b93a306
Show file tree
Hide file tree
Showing 107 changed files with 6,941 additions and 127 deletions.
4 changes: 3 additions & 1 deletion .devcontainer/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
version: '3.7'
services:
rover:
image: aztfmod/rover:2012.1109
image: aztfmod/rover:2102.0100
user: vscode

labels:
Expand All @@ -17,6 +17,7 @@
# and the value of "workspaceFolder" in .devcontainer/devcontainer.json
- ..:/tf/caf
- volume-caf-vscode:/home/vscode
- volume-caf-vscode-bashhistory:/commandhistory
- ~/.ssh:/tmp/.ssh-localhost:ro
- /var/run/docker.sock:/var/run/docker.sock

Expand All @@ -27,3 +28,4 @@
volume-caf-vscode:
labels:
- "caf=Azure CAF"
volume-caf-vscode-bashhistory:
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -17,4 +17,5 @@ landing_zone_aks
**/*.csr
**/*.key
**/*.pem
**/*.cer
**/*.cer
landing_zone_data_analytics
2 changes: 1 addition & 1 deletion .pre-commit-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ repos:
hooks:
- id: check-merge-conflict
- id: trailing-whitespace
- id: check-yaml
# - id: check-yaml
- id: check-added-large-files
# - repo: git://github.com/markdownlint/markdownlint
# rev: v0.11.0
Expand Down
8 changes: 3 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,10 +12,11 @@ The purpose of this repository is to provide you with a starting point when comp

In CAF landing zones for Terraform, our approach is to separate the configuration repository and the logic repository:

* **Configuration repository**: this template is an example of configuration repository for CAF landing zones, containing definition of the configuration for your different environments.
* **Configuration repository**: this template is an example of configuration repository for CAF landing zones, containing definition of the configuration for your different environments. In real world, this is often separate repositories, but to simplify things, we created a repo with examples containing various environments.
* **Logic repository**: the Azure CAF landing [zone repository](https://github.com/azure/caf-terraform-landingzones)

This approach allows you to easily:

* check-in your configuration in your specific Git repository.
* resync the code with the public codebase for updates.
* customize the code if needed and contribute back to the community.
Expand All @@ -26,7 +27,6 @@ To get started with creating your environment, you can fork this repository on y

You can then customize your environment by following the steps inside the [configuration folder](./configuration) and review our sample configuration [onboarding video here](https://www.youtube.com/watch?v=M5BXm30IpdY)


## Related repositories

Landing zones for Terraform are composed of multiple open-source components and projects:
Expand All @@ -36,9 +36,7 @@ Landing zones for Terraform are composed of multiple open-source components and
| [caf-terraform-landingzones](https://github.com/azure/caf-terraform-landingzones) | landing zones repo with sample and core documentations |
| [rover](https://github.com/aztfmod/rover) | devops toolset for operating landing zones |
| [azure_caf_provider](https://github.com/aztfmod/terraform-provider-azurecaf) | custom provider for naming conventions |
| [modules](https://registry.terraform.io/modules/aztfmod) | CAF Terraform module |
| [Azure Kubernetes Services](https://github.com/aztfmod/landingzone_aks) | Azure Kubernetes Services landing zone |
| [Data and Analytics](https://github.com/aztfmod/landingzone_data_analytics) | Azure data and analytics services landing zone |
| [module](https://registry.terraform.io/modules/aztfmod) | CAF Terraform module |

## Community

Expand Down
4 changes: 2 additions & 2 deletions configuration/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,11 @@ In order to create those customized configuration environment, you can leverage:
First step is to get the landing zones logic in the same work space, so let's clone the environment locally:

```bash
git clone --branch 2012.0.0 https://github.com/Azure/caf-terraform-landingzones.git /tf/caf/public
git clone --branch 2101.0.0 https://github.com/Azure/caf-terraform-landingzones.git /tf/caf/public

# Or refresh an existing clone
cd /tf/caf/public
git checkout 2012.0.0
git checkout 2101.0.0
git pull
```

Expand Down
37 changes: 23 additions & 14 deletions configuration/demo/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ Assumptions:
After completing the steps from the general [configuration readme](../README.md), you can start using the demo deployment:

You can then specify the environment you are running:

```bash
export environment=demo
```
Expand All @@ -24,11 +25,11 @@ export environment=demo

```bash
rover -lz /tf/caf/public/landingzones/caf_launchpad \
-launchpad \
-var-folder /tf/caf/configuration/${environment}/level0/launchpad \
-parallelism 30 \
-level level0 \
-env ${environment} \
-launchpad \
-a [plan|apply|destroy]
```

Expand Down Expand Up @@ -61,7 +62,7 @@ rover -lz /tf/caf/public/landingzones/caf_shared_services/ \
-a [plan|apply|destroy]
```

#### Deploy the networking hub (required to add parallel spoke projects)
#### Deploy the networking hub

```bash
rover -lz /tf/caf/public/landingzones/caf_networking/ \
Expand All @@ -73,32 +74,40 @@ rover -lz /tf/caf/public/landingzones/caf_networking/ \
-a [plan|apply|destroy]
```

### 4. Level 3 landing zones - Shared infrastructure platforms
### 4. Level 3 landing zones

#### Deploy the networking spoke
#### Deploy an AKS landing zone

```bash
rover -lz /tf/caf/public/landingzones/caf_networking/ \
-tfstate networking_spoke_aks.tfstate \
-var-folder /tf/caf/configuration/${environment}/level3/networking/spoke \
rover -lz /tf/caf/public/landingzones/caf_solutions/ \
-tfstate landing_zone_aks.tfstate \
-var-folder /tf/caf/configuration/${environment}/level3/aks \
-parallelism 30 \
-level level3 \
-env ${environment} \
-a [plan|apply|destroy]
```

#### Deploy the Azure Kubernetes Services landing zone
#### Deploy a data and analytics landing zone

#### Clone the AKS landing zone files
```bash
rover -lz /tf/caf/public/landingzones/caf_solutions/ \
-tfstate landing_zone_101_aml_workspace.tfstate \
-var-folder /tf/caf/configuration/${environment}/level3/data_analytics/101-aml-workspace \
-parallelism 30 \
-level level3 \
-env ${environment} \
-a [plan|apply|destroy]
```

git clone https://github.com/aztfmod/landingzone_aks.git /tf/caf/landing_zone_aks
#### Deploy an Azure App Service Environment landing zone

#### Deploy the AKS cluster
Warning: this is time consuming.

```bash
rover -lz /tf/caf/landing_zone_aks \
-tfstate landing_zone_aks.tfstate \
-var-folder /tf/caf/configuration/${environment}/level3/aks \
rover -lz /tf/caf/public/landingzones/caf_solutions/ \
-tfstate landing_zone_ase.tfstate \
-var-folder /tf/caf/configuration/${environment}/level3/app_service \
-parallelism 30 \
-level level3 \
-env ${environment} \
Expand Down
3 changes: 2 additions & 1 deletion configuration/demo/level3/aks/acr.tfvars
Original file line number Diff line number Diff line change
Expand Up @@ -14,4 +14,5 @@ azure_container_registries = {
}
}
}
}
}

5 changes: 2 additions & 3 deletions configuration/demo/level3/aks/aks.tfvars
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,7 @@ aks_clusters = {
type = "SystemAssigned"
}

kubernetes_version = "1.17.11"
lz_key = "networking_spoke_aks"
kubernetes_version = "1.19.6"
vnet_key = "spoke_aks_re1"

network_policy = {
Expand Down Expand Up @@ -43,7 +42,7 @@ aks_clusters = {
max_pods = 30
node_count = 1
os_disk_size_gb = 512
orchestrator_version = "1.17.11"
orchestrator_version = "1.19.6"
tags = {
"project" = "system services"
}
Expand Down
9 changes: 7 additions & 2 deletions configuration/demo/level3/aks/configuration.tfvars
Original file line number Diff line number Diff line change
Expand Up @@ -8,8 +8,9 @@ landingzone = {
level = "lower"
tfstate = "caf_shared_services.tfstate"
}
networking_spoke_aks = {
tfstate = "networking_spoke_aks.tfstate"
networking_hub = {
level = "lower"
tfstate = "networking_hub.tfstate"
}
}
}
Expand All @@ -19,4 +20,8 @@ resource_groups = {
name = "aks-re1"
region = "region1"
}
aks_spoke_re1 = {
name = "aks-vnet-spoke-re1"
region = "region1"
}
}
1 change: 1 addition & 0 deletions configuration/demo/level3/app_service/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
# Cloud Adoption Framework landing zones for Terraform - App Service Environment landing zone configuration file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@

app_service_environments = {
ase1 = {
resource_group_key = "ase_region1"
name = "ase01"
max_length = "80"
kind = "ASEV2"
zone = "1"

vnet_key = "ase_region1"
subnet_key = "ase1"
internalLoadBalancingMode = "3"

# private_dns_records = {
# a_records = {
# ase_a_record = {
# name = ""
# ttl = 300
# lz_key = "private_dns"
# private_dns_key = "ase"
# }
# wilcard = {
# name = "*"
# ttl = 300
# lz_key = "private_dns"
# private_dns_key = "ase"
# }
# }
# }

# diagnostic_profiles = {
# ase = {
# definition_key = "ase"
# destination_type = "log_analytics"
# destination_key = "central_logs"
# }
# }
}
}
34 changes: 34 additions & 0 deletions configuration/demo/level3/app_service/app_service_plans.tfvars
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@

app_service_plans = {
# asp1 = {
# app_service_environment_key = "ase1"
# resource_group_key = "asp_region1"

# name = "ase1-asp01"
# kind = "Windows"

# sku = {
# tier = "Isolated"
# size = "I1"
# capacity = "1"
# per_site_scaling = true
# }
# },
asp2 = {
app_service_environment_key = "ase1"
resource_group_key = "asp_region1"

name = "ase1-asp02"
kind = "Linux"

//When creating a Linux App Service Plan, the reserved field must be set to true
reserved = true

sku = {
tier = "Isolated"
size = "I1"
capacity = "1"
per_site_scaling = true
}
}
}
50 changes: 50 additions & 0 deletions configuration/demo/level3/app_service/configuration.tfvars
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@

landingzone = {
backend_type = "azurerm"
global_settings_key = "shared_services"
level = "level3"
key = "ase"
tfstates = {
# networking_spoke_ase = {
# level = "current"
# tfstate = "networking_spoke_ase.tfstate"
# }
shared_services = {
level = "lower"
tfstate = "caf_shared_services.tfstate"
}
}
}

resource_groups = {
ase_region1 = {
name = "ase"
region = "region1"
}
asp_region1 = {
name = "asp"
region = "region1"
}
networking_ase = {
name = "networking-ase"
region = "region1"
}
}


# diagnostics_definition = {
# ase = {
# name = "operational_logs_and_metrics"
# categories = {
# log = [
# # ["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period]
# ["AppServiceEnvironmentPlatformLogs", true, true, 5],
# ]
# # metric = [
# # #["Category name", "Diagnostics Enabled(true/false)", "Retention Enabled(true/false)", Retention_period]
# # ["AllMetrics", false, false, 7],
# # ]
# }
# }

# }
Loading

0 comments on commit b93a306

Please sign in to comment.